<%@ page language="java" import="java.util.*,java.sql.*" pageEncoding="UTF-8"%>
<%
request.setCharacterEncoding("UTF-8");

int i=0;

String adminname=request.getParameter("adminname");
String adminpass=request.getParameter("adminpass");

com.zipishu.DataBaseConnection db = new com.zipishu.DataBaseConnection();
Connection con = db.getConnection();
String sql="SELECT * FROM admin WHERE adminname=? AND adminpass=?";
PreparedStatement pstmt = con.prepareStatement(sql);
pstmt.setString(1, adminname);
pstmt.setString(2, adminpass);
ResultSet resultset= pstmt.executeQuery() ; 

while(resultset.next()){
  i++;
}

if(i>0){
  session.setAttribute("ADMIN", adminname);
  response.sendRedirect("admin_index.jsp");
}else{
  request.setAttribute("errInf","*密码与帐号不匹配");
  response.sendRedirect("login.jsp");
}

 %>